Back to the Future: Pwn Pad Review

Practical Limitations

By bringing a full Linux distribution onboard, Pwnie Express has really opened up what’s possible on a mobile device. But that isn’t to say everything about the Pwn Pad is perfect, or that you can throw out that laptop just yet.

To start with, chroot on Android doesn’t allow graphical Linux applications to run. As there is currently no X implementation available for Android, there is no way for graphical Linux applications to interface with the display system. This is unfortunately a common problem with all attempts to bring Linux software to Android, and is not a shortcoming of Pwnie Express’s particular implementation.

That being said, it IS possible to run X on a VNC session from the Linux side, and then connect to that with an Android VNC viewer. This is a rather awkward method of getting graphical Linux tools running on Android, but it’s workable and has been done many times. It doesn’t appear that Pwnie Express has made any attempts to implement such a system as of the current Pwn Pad firmware, which might be a disappointment for some users.

To be fair, most of the software Pwn Pad users will be interested in (I.E. security related) tends to be terminal based, but that doesn’t mean the situation will never arise when somebody would want to run an X app on a Pwn Pad. It could be that future versions of the Pwn Pad firmware will address this, but for now, don’t expect to run anything beyond ncurses applications.

The other big issue I had was actually interfacing with the device. While the onscreen keyboard that comes installed is much better than the stock Android one for entering in commands and code, it’s still pretty terrible trying to work in the terminal; and I could only imagine the headaches you would have if you wanted to try and write original code with it.

Perhaps it’s something that others can get used to, but for me, I would need a physical keyboard to get much of anything done. To that end, I wonder if Pwnie Express might consider offering up the Pwn Pad with something like the KEYBOOK case from poetic, which adds a full Bluetooth keyboard into the mix.

Again, this isn’t something that Pwnie Express can really be blamed for. The difficulty of easily and rapidly entering text on a mobile device is something the whole industry is fighting with, and nobody could expect Pwnie Express to solve the issue. But all the same, it’s going to be difficult to use the Pwn Pad as your primary pentesting tool if you can’t reliably enter text into it for long periods of time.

Rough Edges

While the previous issues are facets of the Pwn Pad which are more or less out of Pwnie Express’s hands, there are definitely some areas where the team can tighten things up.

For example, if graphical Linux applications won’t work on the Pwn Pad, why does the Ubuntu environment have them installed? Core components like X11 and QT are installed, as are applications such as Firefox and Chromium. Including software that the end user can’t use unnecessarily bloats up the system, and potentially opens it up to exploits involving those particular pieces of software.

As it stands, the Ubuntu filesystem on the Pwn Pad is nearly 3 GB, which is considerably more than is required to run text-mode programs. While this might not be an issue on the 32 GB Nexus 7, Pwnie Express could definitely prune this down to the point where it would be reasonable to install their Linux environment on other Android devices that don’t have as much internal storage. There are a number of Android phones which support USB host mode and should theoretically be able to run the Pwn Pad firmware, but not if it won’t fit.

Another issue is that a number of the tools included require hardware which isn’t included with the Pwn Pad kit. For example, Dragorn’s PCAP Capture (which we’ve covered previously) is pre-installed, and yet it isn’t compatible with the TL-WN722N. Why go through the trouble of pre-installing an application that can’t be used out of the box? This presents a possible confusion for new users, as nowhere is it explained that the WiFi hardware Pwnie Express sold you doesn’t work with one of the applications prominently displayed on the home screen.

There is a similar situation with Dragorn’s Kisbee application and the Ubertooth suite of tools. These applications are completely useless without their respective hardware components, and neither of them are the kind of thing you can pop out to your local RadioShack to purchase once you’ve realized the Pwn Pad doesn’t include them.

But perhaps the most annoying of all is how Pwnie Express is handling updates for the Nexus 7. The Pwn Pad comes with a sheet of paper that says very clearly not to install any official updates from Google. So right off the bat, this largely negates the point of going with a Nexus device. But the bigger issue is when you boot the Nexus 7 up, it immediately asks you to install the already downloaded update.

The siren call of a system update.

So apparently the update which you are told not to apply has somehow been (presumably by accident) included in the stock Pwn Pad firmware.

What is the end user to do? The paperwork says not to install any updates, and yet the update appears to be part of the system. It is a very confusing situation to be presented with as soon as you power the device on, and should definitely be rectified.

If Pwnie Express really doesn’t want users to update their Nexus device to the latest Android build from Google (which I can understand due to the customized nature of the Pwn Pad) then they should disable Android’s built in update mechanism to stop it from pestering the user.

Looking Ahead

Having some experience with Pwnie Express and their products, I feel pretty confident that the issues presented here will be addressed in the near future with an update, just as the Pwn Plug was vastly improved when its first update was released.

The team at Pwnie Express strike me as the kind of people who get a great idea out the door and into the hands of the community as soon as possible, and perfect it while it’s in the field; rather than keeping it behind doors while they work out all the little details. It isn’t the way everyone does business, but it seems like its been working pretty well for Pwnie Express so far (and Google, for that matter).

Aside from addressing the issues I’ve mentioned here, I’d like to see Pwnie Express come forward with some details about the promised community edition of the Pwn Pad firmware, as well as when we can expect to see the open source components of their firmware up for peer review and modifications.

Again, Pwnie Express has followed through with all of those same promises on their Pwn Plug, so I have no question that they will do these things, I would just like to know when it will happen.

One thing that does concern me about the Pwn Pad is the fact that a number of security tools have been removed from the Google Play Store due to concerns over their illicit use. I think Pwnie Express would do well to look into existing services such as F-Droid, which would allow them to maintain their own independent repository of Android applications. Pwnie Express could maintain this repository of “banned” security tools and applications for the good of both the Pwn Pad and the community at large.

Conclusion

The similarities between the Pwn Plug and the Pwn Pad are simply too great to ignore, which I think speaks volumes on how Pwnie Express sees their success with the Plug compared to their other ventures. But the comparison with the Plug goes both ways: there are positive and negative implications.

On the positive side, we have a collection of reliable and readily available hardware, which means less hassle in terms of production and replacement. This just makes good sense for everyone involved, and while it might not have the excitement or mystique of a Pwnie-exclusive device (like the Power Pwn), the market Pwnie Express is shooting for isn’t necessarily the kind that gets wrapped up in that sort of thing. Security customers put reliability and availability above all else.

The other side of the coin is that, just like the Pwn Plug was at release, the Pwn Pad is a bit more of a work in progress than a turn-key device at this point. While there is no question that the idea of the Pwn Pad is sound, there are definitely details that need to be addressed in the near and long term. When the Pwn Plug was released the firmware left much to be desired, but by the first official update, the entire system had been ripped out and replaced with a more streamlined and capable operating system. I suspect we’ll see a very similar situation with the Pwn Pad, though perhaps not quite as drastic.

So the final question: is the Pwn Pad a worthy heir to the Pwn Plug?

In my opinion, the Pwn Pad is in a much better state now than the Pwn Plug was at its release, which says a lot about the lessons learned at Pwnie Express. While there is definitely room for improvement, the Pwn Pad is still a very impressive kit, and offers an experience which is completely unmatched.

It’s actually very hard to draw comparisons between the Pwn Pad and anything else on the market, for the simple fact that there really isn’t anything else on the market quite like it. I see areas where the Pwn Pad could be improved, but at the same time, I can’t point to a company doing a better job of it, either. Pwnie Express is, once again, at the forefront of an entirely new market.

They say that you can’t have advancement without competition, and while I would usually agree with that concept, it seems like it doesn’t stop the team at Pwnie Express. Even though they are essentially without peers, they continue to deliver truly unique devices and do it in a way that benefits the open source community. Perhaps even more impressive, they continually improve those same devices, when they could have just as easily made their money by leaving them as half realized products.

If the Pwn Pad is the initial version of a more capable and ambitious penetration testing tablet, then I personally can’t wait to see what comes next.

The Pwn Pad is available now, directly from Pwnie Express. We’ll report on the Pwn Pad Community Edition as details are revealed.

Sharing

Tags

About Tom Nardi

Tom is a Network Engineer with focus on GNU/Linux and open source software. He is a frequent submitter to "2600", and maintains a personal site of his projects and areas of research at: www.digifail.com .
View all posts by Tom Nardi →